[strongSwan] what wrong ?
Rafał Sanocki
rafal.sanocki at gmail.com
Wed May 6 19:49:05 CEST 2015
Hi, i cant run ipsec on my OpenWRT,
pleas for any help
client [win8] ---- router -----switch ------ router [openWRT - ipsec]
(router cient) 192.168.0.3 ------- 192.168.0.4 (
server)
[strongswan.conf ]
charon {
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509
revocation hmac stroke kernel-netlink socket-default updown attr farp dhcp
dns1=192.168.10.1
load_modular = yes
i_dont_care_about_security_and_use_aggressive_mode_psk = yes
max_packet=20000
plugins {
include strongswan.d/charon/*.conf
}
}
libstrongswan {
crypto_test {
on_add = yes
}
}
[ipsec.conf]
config setup
charondebug="dmn 1, mgr 1, ike 1, chd 1, job 1, cfg 1, knl 1,
net 1, enc 1, lib 1"
conn vpn-ikev2
keyexchange=ikev2
type=transport
leftsubnet=0.0.0.0/0
left=%any
leftfirewall = yes
leftcert=proxyWRT.s.cert
leftid="C=PL, ST=Malopolska, O=xxx, OU=Sec man, CN=px.xxx.org.pl,
E=kontakt at xxx.org.pl"
authby=rsasig
right=%any
rightrsasigkey=%cert
rightid="C=PL, ST=Malopolska, O=xxx, OU=Sec man, CN=*,
E=kontakt at xxx.org.pl"
auto=add
[log] ipsec start
May 6 19:35:36 OpenWrt ipsec_starter[12722]: Starting weakSwan 5.2.2
IPsec [starter]...
May 6 19:35:36 OpenWrt ipsec_starter[12722]: !! Your strongswan.conf
contains manual plugin load options for charon.
May 6 19:35:36 OpenWrt ipsec_starter[12722]: !! This is recommended for
experts only, see
May 6 19:35:36 OpenWrt ipsec_starter[12722]: !!
http://wiki.strongswan.org/projects/strongswan/wiki/PluginLoad
May 6 19:35:36 OpenWrt syslog: ah4 is already loaded
May 6 19:35:36 OpenWrt syslog: esp4 is already loaded
May 6 19:35:36 OpenWrt syslog: ipcomp is already loaded
May 6 19:35:36 OpenWrt syslog: xfrm4_tunnel is already loaded
May 6 19:35:36 OpenWrt syslog: xfrm_user is already loaded
May 6 19:35:36 OpenWrt syslog: 00[DMN] Starting IKE charon daemon
(strongSwan 5.2.2, Linux 3.10.49, mips)
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled RNG_WEAK[gcrypt]:
passed 3 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled RNG_WEAK[openssl]:
passed 3 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled RNG_STRONG[gcrypt]:
passed 3 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled RNG_STRONG[openssl]:
passed 3 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled RNG_STRONG[random]:
passed 3 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled RNG_TRUE[gcrypt]:
skipping test (disabled by config)
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled RNG_TRUE[random]:
skipping test (disabled by config)
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HASH_SHA1[af-alg]:
passed 4 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HASH_SHA1[gcrypt]:
passed 4 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HASH_SHA1[openssl]:
passed 4 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HASH_SHA1[sha1]: passed
4 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled AES_CBC[aes]: passed 6
test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled AES_CBC[aes]: passed 6
test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled AES_CBC[aes]: passed 6
test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HASH_MD5[af-alg]:
passed 7 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HMAC_SHA1_96[af-alg]:
passed 2 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HMAC_SHA1_128[af-alg]:
passed 2 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HMAC_SHA1_160[af-alg]:
passed 2 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HMAC_MD5_96[af-alg]:
passed 2 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HMAC_MD5_128[af-alg]:
passed 2 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled PRF_HMAC_SHA1[af-alg]:
passed 6 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled PRF_HMAC_MD5[af-alg]:
passed 6 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] disabled DES_CBC[af-alg]:
des_cbc1 test vector failed
May 6 19:35:36 OpenWrt syslog: 00[LIB] disabled DES_ECB[af-alg]:
des_ecb1 test vector failed
May 6 19:35:36 OpenWrt syslog: 00[LIB] disabled 3DES_CBC[af-alg]:
des3_cbc1 test vector failed
May 6 19:35:36 OpenWrt syslog: 00[LIB] disabled AES_CBC[af-alg]:
aes_cbc1 test vector failed
May 6 19:35:36 OpenWrt syslog: 00[LIB] disabled AES_CBC[af-alg]:
aes_cbc1 test vector failed
May 6 19:35:36 OpenWrt syslog: 00[LIB] disabled AES_CBC[af-alg]:
aes_cbc1 test vector failed
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled BLOWFISH_CBC[blowfish]:
passed 2 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled PRF_KEYED_SHA1[openssl]:
no test vectors found
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled PRF_KEYED_SHA1[sha1]: no
test vectors found
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled
PRF_FIPS_SHA1_160[fips-prf]: passed 1 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled AES_CTR[gcrypt]: passed
9 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled AES_CTR[gcrypt]: passed
9 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled AES_CTR[gcrypt]: passed
9 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled AES_CBC[gcrypt]: passed
6 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled AES_CBC[gcrypt]: passed
6 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled AES_CBC[gcrypt]: passed
6 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled BLOWFISH_CBC[gcrypt]:
passed 1 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled CAMELLIA_CTR[gcrypt]:
passed 9 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled CAMELLIA_CTR[gcrypt]:
passed 9 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled CAMELLIA_CTR[gcrypt]:
passed 9 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled CAMELLIA_CBC[gcrypt]:
passed 6 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled CAMELLIA_CBC[gcrypt]:
passed 6 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled CAMELLIA_CBC[gcrypt]:
passed 6 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled CAST_CBC[gcrypt]:
passed 1 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled 3DES_CBC[gcrypt]:
passed 2 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled DES_CBC[gcrypt]: passed
2 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled DES_ECB[gcrypt]: passed
2 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled SERPENT_CBC[gcrypt]:
passed 6 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled SERPENT_CBC[gcrypt]:
passed 6 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled SERPENT_CBC[gcrypt]:
passed 6 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled TWOFISH_CBC[gcrypt]:
passed 2 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled TWOFISH_CBC[gcrypt]:
passed 2 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HASH_MD4[gcrypt]:
passed 7 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HASH_MD5[gcrypt]:
passed 7 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HASH_SHA224[gcrypt]:
passed 3 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HASH_SHA256[gcrypt]:
passed 3 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HASH_SHA384[gcrypt]:
passed 3 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HASH_SHA512[gcrypt]:
passed 3 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HASH_MD4[md4]: passed 7
test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled AES_CBC[openssl]:
passed 6 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled AES_CBC[openssl]:
passed 6 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled AES_CBC[openssl]:
passed 6 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled CAST_CBC[openssl]:
passed 1 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled BLOWFISH_CBC[openssl]:
passed 2 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled 3DES_CBC[openssl]:
passed 2 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled DES_CBC[openssl]:
passed 2 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled DES_ECB[openssl]:
passed 2 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled NULL[openssl]: passed 1
test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HASH_MD4[openssl]:
passed 7 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HASH_MD5[openssl]:
passed 7 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HASH_SHA224[openssl]:
passed 3 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HASH_SHA256[openssl]:
passed 3 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HASH_SHA384[openssl]:
passed 3 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HASH_SHA512[openssl]:
passed 3 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled PRF_HMAC_MD5[openssl]:
passed 6 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled PRF_HMAC_SHA1[openssl]:
passed 6 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled
PRF_HMAC_SHA2_256[openssl]: passed 6 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled
PRF_HMAC_SHA2_384[openssl]: passed 6 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled
PRF_HMAC_SHA2_512[openssl]: passed 6 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HMAC_MD5_96[openssl]:
passed 2 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HMAC_MD5_128[openssl]:
passed 2 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HMAC_SHA1_96[openssl]:
passed 2 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HMAC_SHA1_128[openssl]:
passed 2 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HMAC_SHA1_160[openssl]:
passed 2 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled
HMAC_SHA2_256_128[openssl]: passed 3 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled
HMAC_SHA2_256_256[openssl]: no test vectors found
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled
HMAC_SHA2_384_192[openssl]: passed 3 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled
HMAC_SHA2_384_384[openssl]: no test vectors found
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled
HMAC_SHA2_512_256[openssl]: passed 3 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled
HMAC_SHA2_512_512[openssl]: no test vectors found
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled AES_GCM_8[openssl]:
passed 1 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled AES_GCM_8[openssl]:
passed 1 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled AES_GCM_8[openssl]:
passed 1 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled AES_GCM_12[openssl]:
passed 1 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled AES_GCM_12[openssl]:
passed 1 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled AES_GCM_12[openssl]:
passed 1 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled AES_GCM_16[openssl]:
passed 12 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled AES_GCM_16[openssl]:
passed 12 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled AES_GCM_16[openssl]:
passed 12 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled PRF_AES128_XCBC[xcbc]:
passed 7 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled
PRF_CAMELLIA128_XCBC[xcbc]: passed 3 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled CAMELLIA_XCBC_96[xcbc]:
passed 1 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled AES_XCBC_96[xcbc]:
passed 5 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled 3DES_CBC[des]: passed 2
test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled DES_CBC[des]: passed 2
test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled DES_ECB[des]: passed 2
test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HASH_SHA224[sha2]:
passed 3 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HASH_SHA256[sha2]:
passed 3 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HASH_SHA384[sha2]:
passed 3 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HASH_SHA512[sha2]:
passed 3 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HASH_MD5[md5]: passed 7
test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] disabled PRF_HMAC_SHA1[hmac]:
sha1_hmac_p1 test vector failed
May 6 19:35:36 OpenWrt syslog: 00[LIB] disabled PRF_HMAC_MD5[hmac]:
md5_hmac_p1 test vector failed
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled PRF_HMAC_SHA2_256[hmac]:
passed 6 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled PRF_HMAC_SHA2_384[hmac]:
passed 6 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled PRF_HMAC_SHA2_512[hmac]:
passed 6 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] disabled HMAC_SHA1_96[hmac]:
sha1_hmac_s1 test vector failed
May 6 19:35:36 OpenWrt syslog: 00[LIB] disabled HMAC_SHA1_128[hmac]:
sha1_hmac_s2 test vector failed
May 6 19:35:36 OpenWrt syslog: 00[LIB] disabled HMAC_SHA1_160[hmac]:
sha1_hmac_s3 test vector failed
May 6 19:35:36 OpenWrt syslog: 00[LIB] disabled HMAC_MD5_96[hmac]:
md5_hmac_s1 test vector failed
May 6 19:35:36 OpenWrt syslog: 00[LIB] disabled HMAC_MD5_128[hmac]:
md5_hmac_s2 test vector failed
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HMAC_SHA2_256_128[hmac]:
passed 3 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HMAC_SHA2_256_256[hmac]:
no test vectors found
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HMAC_SHA2_384_192[hmac]:
passed 3 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HMAC_SHA2_384_384[hmac]:
no test vectors found
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HMAC_SHA2_512_256[hmac]:
passed 3 test vectors
May 6 19:35:36 OpenWrt syslog: 00[LIB] enabled HMAC_SHA2_512_512[hmac]:
no test vectors found
May 6 19:35:36 OpenWrt syslog: 00[CFG] loading ca certificates from
'/etc/ipsec.d/cacerts'
May 6 19:35:36 OpenWrt syslog: 00[CFG] loaded ca certificate "C=PL,
ST=Malopolska, O=xxx, OU=Sec man, CN=xxx.org.pl, E=kontakt at xxx.org.pl"
from '/etc/ipsec.d/cacerts/cacert.pem'
May 6 19:35:36 OpenWrt syslog: 00[LIB] OpenSSL X.509 parsing failed
May 6 19:35:36 OpenWrt syslog: 00[LIB] building CRED_CERTIFICATE - X509
failed, tried 5 builders
May 6 19:35:36 OpenWrt syslog: 00[CFG] loading ca certificate from
'/etc/ipsec.d/cacerts/cakey.pem' failed
May 6 19:35:36 OpenWrt syslog: 00[CFG] loading aa certificates from
'/etc/ipsec.d/aacerts'
May 6 19:35:36 OpenWrt syslog: 00[CFG] loading ocsp signer certificates
from '/etc/ipsec.d/ocspcerts'
May 6 19:35:36 OpenWrt syslog: 00[CFG] loading attribute certificates
from '/etc/ipsec.d/acerts'
May 6 19:35:36 OpenWrt syslog: 00[CFG] loading crls from
'/etc/ipsec.d/crls'
May 6 19:35:36 OpenWrt syslog: 00[CFG] loading secrets from
'/etc/ipsec.secrets'
May 6 19:35:38 OpenWrt syslog: 00[CFG] loaded RSA private key from
'/etc/ipsec.d/private/proxyWRT.s.key'
May 6 19:35:38 OpenWrt syslog: 00[LIB] loaded plugins: charon aes
af-alg blowfish constraints dnskey fips-prf gcrypt md4 openssl pgp
pkcs11 pkcs8 pubkey resolve test-vectors xauth-generic xcbc des sha1
sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke
kernel-netlink socket-default updown attr farp dhcp
May 6 19:35:38 OpenWrt syslog: 00[LIB] unable to load 4 plugin features
(4 due to unmet dependencies)
May 6 19:35:38 OpenWrt syslog: 00[JOB] spawning 16 worker threads
May 6 19:35:38 OpenWrt ipsec_starter[12735]: charon (12736) started
after 1600 ms
May 6 19:35:38 OpenWrt syslog: 11[CFG] received stroke: add connection
'vpn-ikev2'
May 6 19:35:38 OpenWrt syslog: 11[CFG] left nor right host is our side,
assuming left=local
May 6 19:35:38 OpenWrt syslog: 11[CFG] loaded certificate "C=PL,
ST=Malopolska, O=xxx, OU=Sec man, CN=px.xxx.org.pl,
E=kontakt at xxx.org.pl" from 'proxyWRT.s.cert'
May 6 19:35:38 OpenWrt syslog: 11[CFG] added configuration 'vpn-ikev2'
when i try connect
May 6 19:44:51 OpenWrt syslog: 05[NET] received packet: from
192.168.0.3[500] to 192.168.0.4[500] (880 bytes)
May 6 19:44:51 OpenWrt syslog: 05[ENC] parsed IKE_SA_INIT request 0 [
SA KE No N(NATD_S_IP) N(NATD_D_IP) V V V V ]
May 6 19:44:51 OpenWrt syslog: 05[ENC] received unknown vendor ID:
1e:2b:51:69:05:99:1c:7d:7c:96:fc:bf:b5:87:e4:61:00:00:00:09
May 6 19:44:51 OpenWrt syslog: 05[ENC] received unknown vendor ID:
fb:1d:e3:cd:f3:41:b7:ea:16:b7:e5:be:08:55:f1:20
May 6 19:44:51 OpenWrt syslog: 05[ENC] received unknown vendor ID:
26:24:4d:38:ed:db:61:b3:17:2a:36:e3:d0:cf:b8:19
May 6 19:44:51 OpenWrt syslog: 05[ENC] received unknown vendor ID:
01:52:8b:bb:c0:06:96:12:18:49:ab:9a:1c:5b:2a:51:00:00:00:02
May 6 19:44:51 OpenWrt syslog: 05[IKE] 192.168.0.3 is initiating an IKE_SA
May 6 19:44:51 OpenWrt syslog: 05[IKE] 192.168.0.3 is initiating an IKE_SA
May 6 19:44:51 OpenWrt syslog: 05[IKE] remote host is behind NAT
May 6 19:44:51 OpenWrt syslog: 05[IKE] sending cert request for "C=PL,
ST=Malopolska, O=xxx, OU=Sec man, CN=xxx.org.pl, E=kontakt at xxx.org.pl"
May 6 19:44:51 OpenWrt syslog: 05[ENC] generating IKE_SA_INIT response
0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(MULT_AUTH) ]
May 6 19:44:51 OpenWrt syslog: 05[NET] sending packet: from
192.168.0.4[500] to 192.168.0.3[500] (333 bytes)
May 6 19:44:52 OpenWrt syslog: 04[NET] received packet: from
192.168.0.3[4500] to 192.168.0.4[4500] (7188 bytes)
May 6 19:44:52 OpenWrt syslog: 04[LIB] MAC verification failed
May 6 19:44:52 OpenWrt syslog: 04[ENC] verifying encrypted payload
integrity failed
May 6 19:44:52 OpenWrt syslog: 04[ENC] could not decrypt payloads
May 6 19:44:52 OpenWrt syslog: 04[IKE] integrity check failed
May 6 19:44:52 OpenWrt syslog: 04[IKE] IKE_AUTH request with message ID
1 processing failed
May 6 19:44:53 OpenWrt syslog: 03[NET] received packet: from
192.168.0.3[4500] to 192.168.0.4[4500] (7188 bytes)
May 6 19:44:53 OpenWrt syslog: 03[LIB] MAC verification failed
May 6 19:44:53 OpenWrt syslog: 03[ENC] verifying encrypted payload
integrity failed
May 6 19:44:53 OpenWrt syslog: 03[ENC] could not decrypt payloads
May 6 19:44:53 OpenWrt syslog: 03[IKE] integrity check failed
May 6 19:44:53 OpenWrt syslog: 03[IKE] IKE_AUTH request with message ID
1 processing failed
May 6 19:44:54 OpenWrt syslog: 02[NET] received packet: from
192.168.0.3[4500] to 192.168.0.4[4500] (7188 bytes)
May 6 19:44:54 OpenWrt syslog: 02[ENC] parsed IKE_AUTH request 1 [ IDi
CERT CERT CERTREQ AUTH N(MOBIKE_SUP) CPRQ(ADDR DNS NBNS SRV ADDR6 DNS6
SRV6) SA TSi TSr ]
May 6 19:44:54 OpenWrt syslog: 02[IKE] received 37 cert requests for an
unknown ca
May 6 19:44:54 OpenWrt syslog: 02[IKE] received end entity cert "C=PL,
ST=Malopolska, O=yyy, OU=Sec man, CN=yyy.pl, E=y at yy.pl"
May 6 19:44:54 OpenWrt syslog: 02[IKE] received issuer cert "C=PL,
ST=Malopolska, O=Medycyna Praktyczna Publishing House, OU=MP For
authorizded use only, CN=yyy, E=admin at yy.pl"
May 6 19:44:54 OpenWrt syslog: 02[CFG] looking for peer configs
matching 192.168.0.4[%any]...192.168.0.3[C=PL, ST=Malopolska, O=yyy,
OU=Sec man, CN=yyy.pl, E=y at yy.pl]
May 6 19:44:54 OpenWrt syslog: 02[CFG] no matching peer config found
May 6 19:44:54 OpenWrt syslog: 02[IKE] peer supports MOBIKE
May 6 19:44:54 OpenWrt syslog: 02[ENC] generating IKE_AUTH response 1 [
N(AUTH_FAILED) ]
May 6 19:44:54 OpenWrt syslog: 02[NET] sending packet: from
192.168.0.4[4500] to 192.168.0.3[4500] (68 bytes)
---
Ta wiadomość e-mail jest wolna od wirusów i złośliwego oprogramowania, ponieważ ochrona avast! Antivirus jest aktywna.
http://www.avast.com
More information about the Users
mailing list